package com.cskaoyan.market.intercepter;

import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class CorsIntercepter implements HandlerInterceptor {
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        System.out.println(request.getRequestURL());
        //允许来自于哪个域的请求发往后端 写前端的主机、端口号即可
        response.setHeader("Access-Control-Allow-Origin", "http://localhost:9527");
        //发往后端的请求允许何种请求方法
        response.setHeader("Access-Control-Allow-Methods","POST,GET,OPTIONS,PUT,DELETE");
        //发送请求时允许携带的请求头
        response.setHeader("Access-Control-Allow-Headers","x-requested-with,Authorization,Content-Type,X-CskaoyanMarket-Admin-Token,X-CskaoyanMarket-Token");
        //发送请求时是否允许携带cookie凭证
        response.setHeader("Access-Control-Allow-Credentials","true");
        return true;
    }


}
